Compare commits
20 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| 9a906ec55c | |||
| 8b93585422 | |||
| 59dd16d4ac | |||
| d7678274be | |||
| 4a8f7525e7 | |||
| fb55f47e5c | |||
| 0251b9dc69 | |||
| 2b505b0d9d | |||
| cb3545f261 | |||
| d673b97b4b | |||
| 1be4aeb6b8 | |||
| 0a3f4ab5ef | |||
| 36ce60aa28 | |||
|
d21b959104 | ||
|
|
2b822af907 | ||
|
|
2aa636409a | ||
|
|
819af38886 | ||
|
|
65fe245e9f | ||
|
|
8ebde5ffbc | ||
|
|
eef425d7b7 |
@@ -1,29 +0,0 @@
|
||||
name: Docker Build and Push
|
||||
#on: [push]
|
||||
on:
|
||||
workflow_dispatch:
|
||||
|
||||
jobs:
|
||||
build-and-push:
|
||||
runs-on: docker
|
||||
if: branch == 'main'
|
||||
steps:
|
||||
- name: Checkout Repository
|
||||
uses: actions/checkout@v4
|
||||
|
||||
- name: Login to Registry
|
||||
run: |
|
||||
echo "${{ secrets.REGISTRY_PASSWORD }}" | docker login ${{ secrets.REGISTRY_URL }} -u "${{ secrets.REGISTRY_USERNAME }}" --password-stdin
|
||||
|
||||
- name: Build Docker Image
|
||||
run: |
|
||||
docker build -t ${{ secrets.REGISTRY_URL }}/FlorianWalther/password-generator:latest .
|
||||
|
||||
- name: Push Docker Image
|
||||
run: |
|
||||
docker push ${{ secrets.REGISTRY_URL }}/FlorianWalther/password-generator:latest
|
||||
|
||||
- name: Cleanup
|
||||
run: |
|
||||
docker system prune -f
|
||||
|
||||
@@ -14,8 +14,8 @@ jobs:
|
||||
- name: Login to Gitea
|
||||
uses: docker/login-action@v3
|
||||
with:
|
||||
registry: ${{ REGISTRY_URL }} # gitea.scu.si
|
||||
username: ${{ gitea.actor }}
|
||||
registry: ${{ vars.REGISTRY_URL }} # gitea.scu.si
|
||||
username: ${{ secrets.REGISTRY_USER }}
|
||||
password: ${{ secrets.REGISTRY_PASSWORD }}
|
||||
|
||||
- name: Build and push
|
||||
@@ -26,5 +26,5 @@ jobs:
|
||||
# Hier wird die Git-Referenz automatisch als Docker-Tag genutzt
|
||||
#tags: gitea.scu.si/florianwalther/password-generator:${{ gitea.ref_name }}
|
||||
tags: |
|
||||
gitea.scu.si/florianwalther/password-generator:${{ gitea.ref_name }}
|
||||
gitea.scu.si/florianwalther/password-generator:latest
|
||||
gitea.scu.si/florian.walther/password-generator:${{ gitea.ref_name }}
|
||||
gitea.scu.si/florian.walther/password-generator:latest
|
||||
|
||||
57
README.md
57
README.md
@@ -1,55 +1,40 @@
|
||||
# Web-Password
|
||||
|
||||
_a web based password generator_
|
||||
_a web based password generator, with an API endpoint_
|
||||
|
||||
|
||||
|
||||
# Funktionsweise
|
||||
## Features
|
||||
|
||||
* Passwortgenerierung: Die Anwendung generiert ein 32-stelliges Passwort mit Großbuchstaben, Kleinbuchstaben und Ziffern (entspricht dem Befehl `apg -a 1 -m 32 -n 1 -M NCL`).
|
||||
* Zwischenablage: Mit dem Button "In Zwischenablage kopieren" wird das Passwort in die Zwischenablage kopiert.
|
||||
* Docker: Der Container enthält nur die Go-Anwendung und keine zusätzliche Linux-Distribution.
|
||||
* generates long and random, secure passwords (read about the [security considerations](SECURITY.md))
|
||||
* copy to clipboard
|
||||
* very small docker container, that only contains the application and has minimum attack surface
|
||||
|
||||
## Demo
|
||||
|
||||
# Baue die Go-Anwendung
|
||||
There is a demo at [https://passwd.scu.si](https://passwd.scu.si)
|
||||
|
||||
## Usage
|
||||
|
||||
The following example shows how to get up your own instance with `docker compose`.
|
||||
|
||||
```
|
||||
go build -o password-generator ./
|
||||
```
|
||||
|
||||
# Baue das Docker-Image
|
||||
|
||||
```
|
||||
docker build -t password-generator .
|
||||
```
|
||||
|
||||
# Starte den Docker Container
|
||||
|
||||
```
|
||||
docker run -p 8080:8080 password-generator
|
||||
```
|
||||
|
||||
## mit docker-compose
|
||||
|
||||
Ein `docker-compose.yml` wird mitgeliefert.
|
||||
|
||||
### initial pull
|
||||
|
||||
```
|
||||
docker compose login gitea.scu.si
|
||||
git clone https://gitea.scu.si/FlorianWalther/Web-Password.git
|
||||
cd Web-Password
|
||||
cp misc/docker-compose.yml ./
|
||||
docker compose pull
|
||||
```
|
||||
|
||||
### start up
|
||||
|
||||
```
|
||||
docker compose up -d
|
||||
```
|
||||
|
||||
### bring down
|
||||
## Docker image
|
||||
|
||||
The latest official docker image is at [https://gitea.scu.si/FlorianWalther/-/packages/container/password-generator/latest](https://gitea.scu.si/FlorianWalther/-/packages/container/password-generator/latest)
|
||||
|
||||
You can pull it like this:
|
||||
```
|
||||
docker compose down
|
||||
docker pull gitea.scu.si/florianwalther/password-generator:latest
|
||||
```
|
||||
|
||||
## more usage examples
|
||||
|
||||
There are some more usage example in [misc/MoreUsage.md](misc/MoreUsage.md)
|
||||
|
||||
Binary file not shown.
|
Before Width: | Height: | Size: 42 KiB After Width: | Height: | Size: 24 KiB |
53
main.go
53
main.go
@@ -9,8 +9,22 @@ import (
|
||||
|
||||
const (
|
||||
passwordLength = 32
|
||||
// Zeichensatz mit 62 möglichen Zeichen pro Position
|
||||
chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"
|
||||
//chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789!?$%&=#+<>-:,.;_*@"
|
||||
|
||||
// Zeichensatz mit 58 möglichen Zeichen pro Position
|
||||
// Verwechslungsanfällige Zeichen (0, O, 1, l, I) sind nicht enthalten.
|
||||
//
|
||||
// ## Security Note: ################################################
|
||||
// Der reduzierte Zeichensatz setzt den Keyspace von 10^57 auf 10^56 herab.
|
||||
// Die Entropie wird von ~192.6 Bit auf ~190.6 Bit herabgesetzt.
|
||||
// Solange die Passwortlänge von 32 Zeichen beibehalten wird ist der
|
||||
// Sicherheitsverlust durch einen reduzierten Zeichensatz akzeptabel,
|
||||
// weil der Keyspace immer noch so groß ist dass ein erraten praktisch
|
||||
// unmöglich ist.
|
||||
//
|
||||
//const chars = "ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnpqrstuvwxyz23456789"
|
||||
|
||||
)
|
||||
|
||||
func generatePassword() string {
|
||||
@@ -32,6 +46,7 @@ func passwordHandler(w http.ResponseWriter, r *http.Request) {
|
||||
fmt.Fprint(w, password)
|
||||
}
|
||||
|
||||
// new help handler
|
||||
func helpHandler(w http.ResponseWriter, r *http.Request) {
|
||||
helpHTML := `
|
||||
<!DOCTYPE html>
|
||||
@@ -58,7 +73,7 @@ func helpHandler(w http.ResponseWriter, r *http.Request) {
|
||||
box-shadow: 0 2px 10px rgba(0, 0, 0, 0.1);
|
||||
max-width: 800px;
|
||||
width: 90%;
|
||||
min-width: 600px;
|
||||
min-width: 500px;
|
||||
}
|
||||
h1 {
|
||||
font-size: 1.5rem;
|
||||
@@ -89,18 +104,29 @@ func helpHandler(w http.ResponseWriter, r *http.Request) {
|
||||
Der Endpunkt gibt das Passwort im Plain-Text-Format zurück.
|
||||
</p>
|
||||
<h2>Endpunkt:</h2>
|
||||
<p><code>http://localhost:8080/api/password</code></p>
|
||||
<p><code id="api-endpoint"></code></p>
|
||||
<h2>Beispiele:</h2>
|
||||
<h3>Mac/Linux (Terminal):</h3>
|
||||
<pre>echo $(curl -s http://localhost:8080/api/password)</pre>
|
||||
<pre id="curl-example"></pre>
|
||||
<h3>Windows (PowerShell):</h3>
|
||||
<pre>Invoke-RestMethod -Uri http://localhost:8080/api/password</pre>
|
||||
<pre id="powershell-example"></pre>
|
||||
<h3>Windows (cmd):</h3>
|
||||
<pre>curl http://localhost:8080/api/password</pre>
|
||||
<pre id="cmd-example"></pre>
|
||||
<p>
|
||||
<a href="/">Zurück zur Passwort-Generierung</a>
|
||||
</p>
|
||||
</div>
|
||||
<script>
|
||||
// Dynamisch den aktuellen Hostnamen ermitteln
|
||||
const currentHost = window.location.host;
|
||||
const apiEndpoint = "https://" + currentHost + "/api/password";
|
||||
|
||||
// Hostnamen in die Beispiele eintragen
|
||||
document.getElementById("api-endpoint").textContent = apiEndpoint;
|
||||
document.getElementById("curl-example").textContent = "curl " + apiEndpoint;
|
||||
document.getElementById("powershell-example").textContent = "Invoke-RestMethod -Uri " + apiEndpoint;
|
||||
document.getElementById("cmd-example").textContent = "curl " + apiEndpoint;
|
||||
</script>
|
||||
</body>
|
||||
</html>
|
||||
`
|
||||
@@ -108,6 +134,7 @@ func helpHandler(w http.ResponseWriter, r *http.Request) {
|
||||
fmt.Fprint(w, helpHTML)
|
||||
}
|
||||
|
||||
|
||||
func webHandler(w http.ResponseWriter, r *http.Request) {
|
||||
password := generatePassword()
|
||||
html := fmt.Sprintf(
|
||||
@@ -134,7 +161,7 @@ html := fmt.Sprintf(
|
||||
border-radius: 8px;
|
||||
box-shadow: 0 2px 10px rgba(0, 0, 0, 0.1);
|
||||
width: 90%%;
|
||||
min-width: 600px;
|
||||
min-width: 500px;
|
||||
position: relative;
|
||||
}
|
||||
h1 {
|
||||
@@ -182,6 +209,17 @@ html := fmt.Sprintf(
|
||||
.renew-button:hover {
|
||||
background: #0056b3;
|
||||
}
|
||||
.about-link {
|
||||
position: absolute;
|
||||
top: 1rem;
|
||||
left: 1rem;
|
||||
font-size: 1.2rem;
|
||||
color: #999;
|
||||
text-decoration: none;
|
||||
}
|
||||
.about-link:hover {
|
||||
color: #444;
|
||||
}
|
||||
.help-link {
|
||||
position: absolute;
|
||||
top: 1rem;
|
||||
@@ -218,6 +256,7 @@ html := fmt.Sprintf(
|
||||
<body>
|
||||
<div class="container">
|
||||
<a href="/help" class="help-link">API</a>
|
||||
<a class="about-link" href="https://gitea.scu.si/Florian.Walther/Web-Password">code</a>
|
||||
<h1>Generiertes Passwort</h1>
|
||||
<div id="password">%s</div>
|
||||
<div class="buttons">
|
||||
|
||||
82
misc/MoreUsage.md
Normal file
82
misc/MoreUsage.md
Normal file
@@ -0,0 +1,82 @@
|
||||
## bash alias
|
||||
|
||||
You can configure an bash alias in your `~/.bashrc` like this:
|
||||
|
||||
```
|
||||
## genpasswd alias
|
||||
alias genpasswd='echo $(curl -s https://passwd.scu.si/api/password)'
|
||||
```
|
||||
|
||||
After making above changes you have to reload your ~/bashrc, in order to activate your changes.
|
||||
```
|
||||
. ~/.bashrc
|
||||
```
|
||||
|
||||
Now you can enter `genpasswd` and get a fresh password from the API Endpoint.
|
||||
|
||||
# building the app
|
||||
|
||||
you can build the app yourself like this:
|
||||
|
||||
```
|
||||
go build -o password-generator ./
|
||||
```
|
||||
|
||||
|
||||
|
||||
# build a docker container
|
||||
|
||||
```
|
||||
docker build -t password-generator .
|
||||
```
|
||||
|
||||
# start the docker container
|
||||
|
||||
```
|
||||
docker run -p 8080:8080 password-generator
|
||||
```
|
||||
|
||||
## docker-compose
|
||||
|
||||
There are two example docker-compose files in the [misc](./) directory.
|
||||
|
||||
### docker-compose.yml
|
||||
|
||||
A basic variant that just brings up the container and export port 8080.
|
||||
The basic variant can be used without modifications.
|
||||
|
||||
### docker-compose.traefik.yml
|
||||
|
||||
The other one is meant to be used behind a traefik reverse proxy.
|
||||
This variant has lables to configure traefik accordingly.
|
||||
The traefik variant needs to be adjusted to your environment before
|
||||
you can use it successfully.
|
||||
|
||||
### initial pull
|
||||
|
||||
```
|
||||
docker compose pull
|
||||
```
|
||||
|
||||
### start up
|
||||
|
||||
```
|
||||
docker compose up -d
|
||||
```
|
||||
|
||||
### bring down
|
||||
|
||||
```
|
||||
docker compose down
|
||||
```
|
||||
|
||||
### update container
|
||||
|
||||
In order to update your container to the current version, do this:
|
||||
```
|
||||
docker compose pull
|
||||
docker compose down
|
||||
docker compose up -d
|
||||
```
|
||||
|
||||
|
||||
22
misc/docker-compose.traefik.yml
Normal file
22
misc/docker-compose.traefik.yml
Normal file
@@ -0,0 +1,22 @@
|
||||
services:
|
||||
password-generator:
|
||||
image: gitea.scu.si/florianwalther/password-generator:latest
|
||||
container_name: password-generator
|
||||
restart: always
|
||||
expose:
|
||||
- "8080:8080"
|
||||
labels:
|
||||
- "traefik.enable=true"
|
||||
- "traefik.docker.network=traefik_backend"
|
||||
- "traefik.http.routers.webpass.rule=Host(`passwd.scu.si`)"
|
||||
- "traefik.http.routers.webpass.entrypoints=web,websecure"
|
||||
- "traefik.http.routers.webpass.tls=true"
|
||||
- "traefik.http.routers.webpass.tls.certresolver=myresolver"
|
||||
- "traefik.http.services.webpass.loadbalancer.server.port=8080"
|
||||
networks:
|
||||
- traefik_backend
|
||||
|
||||
networks:
|
||||
traefik_backend:
|
||||
external: true
|
||||
|
||||
Reference in New Issue
Block a user